I received a suspicious email claiming to be from Wells Fargo customer service. Since I do not bank with Wells Fargo, I knew it was someone phishing for my personal information! The details are below.
From: Wells Fargo <firstname.lastname@example.org>
Subject: “please activate your card”
The body of the message contained the following:
“Wells Fargo has been notified by numerous members that they have received e-mail requesting account information. We will never ask you to verify your account information via e-mail.
Due to increasing number of fraudulent e-mails claiming to be from Wells Fargo, all VISA Check Cards, including yours have been deactivated.
We understand that having limited access can be an inconvenience, but protecting your account is our primary concern. We apologize for any inconvenience this may cause.
To activate your card, please follow the steps bellow:
The activation form is attached to this email. Please download the attachment, open it in a browser, and follow the instructions on your screen.
We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account.
© 1999 – 2011 Wells Fargo. All rights reserved. NMLSR ID 399801″
I highlighted one obvious misspelling above! I did NOT open the attached PDF file, instead reported the email to Wells Fargo for investigation.
If you receive a similar spoof email, DO NOT open the attachment. Report it immediately! Forward the entire message to email@example.com.
****Here is the official response from Wells Fargo****
“Thank you for reporting a suspicious email, website, or text message to firstname.lastname@example.org. At Wells Fargo, we take our customers’ security very seriously and will promptly research this matter. If our research determines that this communication is fraudulent, we will work with the proper authorities to shut it down immediately. Please note that we will not respond to your submission unless we need additional information regarding this matter.
Please review the following items to ensure your personal and account information is protected:
-If you did not share any personal or account information, no further action is necessary. If you shared any personal or account information through a website or text message, or over the telephone, speak with a fraud prevention specialist. You can learn more about who to contact on our Fraud Information Center: www.wellsfargo.com/privacy_security/fraud.
-If you clicked on a link or downloaded an attachment in the email you are reporting, make sure your anti-virus software is current and your operating system and browser are updated with current security patches.
-Delete all copies of the suspicious email or text message from your inbox.
If you have further questions, call the phone number listed on your account statement or bank card or visit our customer service information online www.wellsfargo.com/help/. Please do not respond to this email.
Wells Fargo is dedicated to protecting your information. Learn about what we do to protect your accounts online at www.wellsfargo.com/privacy_security/online/protect.
You can learn more about phishing on our Fraud Information Center: www.wellsfargo.com/privacy_security/fraud.
Wells Fargo Online Fraud Prevention Team”